<?php
ob_start();
session_start ();
include_once 'header.php';
?>
<script type="text/javascript" >
function check()
{
	if(document.getElementById('oldpassword').value=='')
	{
		alert("Enter old password");
		return false;
	}
	else if(document.getElementById('newpassword').value=='')
	{
		alert("Enter new password");
		return false;
	}
	else if(document.getElementById('newpassword').value!=document.getElementById('confirmpassword').value)
	{
		alert("Passwords do not match!!");
		return false;
	}
	else
	   return true;
}
</script>
<?php 
if(isset($_POST['change']) && $_POST['change']=="change")
{

 include_once('php/connection.php');
 $sql="select password from registration where type_of_registration ='admin'";
 $res=mysql_query($sql);
 $row=mysql_fetch_array($res);
 
 if($row['password'] == $_POST['oldpassword'])
 {
   $sql1="update registration set password='$_POST[newpassword]' where type_of_registration ='admin'";
   if(!mysql_query($sql1))
   {
     echo mysql_error();
   }
   else
   {
    echo "<center>password changed succesfully</center>";
   
   }
   
 }
 else
 {
  echo "<center>password is not correct</center>";
 }
}
else
{
if (! isset ( $_SESSION ['nenunnanu_admin'] )) {
	header ( "location: admin_login.php" );
}
?>

<table align="center" width="430">
	<form method="post" action="changepassword.php" onsubmit="return check()">
	
	<tr>
		<td>Old Password:</td>

		<td><input type="password" name="oldpassword" id="oldpassword" size="50" /></td>
	</tr>
	<tr>
		<td>New Password</td>
		<td><input type="password" name="newpassword" id="newpassword" size="50" /></textarea></td>
	</tr>
	<tr>
		<td>Confirm Password</td>
		<td><input type="password" name="confirmpassword" id="confirmpassword" size="50" /></textarea></td>
	</tr>
	<tr>
		<td></td>
		<td><input type="submit" name="change" value="change" /></td>
	</tr>
	</form>
</table>
<?php } ?>
</body>
</html>